Sujet Précédent Sujet Suivant

Divers trojan b153, b152, b128

Fermé
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009 - 25 juin 2008 à 18:29
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 9 juil. 2008 à 14:09
Bonjour,

Désolé pour mon manque d'originalité, voila, je joue sur steam et à wow et pendant mes parties divers panneaux de pub internet me font sortir des jeux ( pénible) ces fenêtres intempestives ce manifestent aussi pendant mes cessions sur le net.


Je viens d'utiliser combofix, qui a retiré un certain nvcoi.exe plus 2 ou 3 truc en plus j 'ai gardé le log que je poste ci dessous un que le log d'hijackthis.

j'aurais besoin d'une aide didacticielle car perso je ne suis pas trés a l'aise avec la gestion et modification des clés de registre.

Merci d'avance.


ComboFix 08-06-20.4 - olivier 2008-06-25 16:56:39.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.859 [GMT 2:00]
Endroit: C:\Documents and Settings\olivier\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active


[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\nvcoi
C:\Program Files\nvcoi\mst.stt
C:\Program Files\nvcoi\nvcoi.Vexe
C:\WINDOWS\system32\MSINET.oca

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-25 to 2008-06-25 ))))))))))))))))))))))))))))))))))))
.

2008-06-14 21:08 . 2008-06-14 21:08 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-14 21:08 . 2008-06-14 21:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-11 16:50 . 2008-06-11 16:50 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-06-11 07:35 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-25 12:23 --------- d-----w C:\Program Files\EsetOnlineScanner
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 14:11 27,840 ----a-w C:\Documents and Settings\olivier\Application Data\GDIPFONTCACHEV1.DAT
2008-06-05 18:24 27,840 ----a-w C:\Documents and Settings\deborah\Application Data\GDIPFONTCACHEV1.DAT
2008-05-19 20:46 --------- d-----w C:\Program Files\MSECache
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 21:29 --------- d-----w C:\Documents and Settings\olivier\Application Data\AdobeUM
2004-12-08 23:08 0 ----a-w C:\Documents and Settings\olivier\ut2k3mapsv3.dat
2004-12-08 23:08 0 ----a-w C:\Documents and Settings\olivier\sharedfiles.dat
2004-01-13 19:08 1,041 ----a-w C:\Program Files\INSTALL.LOG
2003-11-23 20:52 517 ----a-w C:\Program Files\STEREOSUSHI.plr
2003-11-23 20:52 32 ----a-w C:\Program Files\STEREOSUSHI.cfl
2003-11-23 20:52 0 ----a-w C:\Program Files\STEREOSUSHI.fav
2003-11-23 20:52 0 ----a-w C:\Program Files\STEREOSUSHI.chn
2003-11-23 20:52 0 ----a-w C:\Program Files\STEREOSUSHI.bud
2003-09-07 13:59 499,712 ----a-w C:\Program Files\cpuz.exe
2003-08-24 12:54 966 ----a-w C:\Program Files\cpuz-readme.txt
2003-07-09 23:45 243,223 ----a-w C:\Program Files\cd-client-3_3_1-en.exe
2003-06-09 13:41 34,451 ----a-w C:\Program Files\F55inf.EXE
2003-06-07 12:29 8,737,844 ----a-w C:\Program Files\QuickTimeInstallCache.qdat
2003-06-07 12:21 542,368 ----a-w C:\Program Files\QuickTimeInstaller.exe
2003-06-04 06:49 448,256 ----a-w C:\WINDOWS\inf\EL2K_N64.sys
2003-06-04 06:48 147,328 ----a-w C:\WINDOWS\inf\EL2K_XP.sys
2003-06-04 06:47 147,328 ----a-w C:\WINDOWS\inf\EL2K_2K.sys
2003-03-02 17:22 12,377 ----a-w C:\Program Files\cpuz.vxd
2003-03-01 15:52 4,084 ----a-w C:\Program Files\cpuz.sys
.

((((((((((((((((((((((((((((( snapshot@2008-03-07_18.04.14.84 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-20 07:56:50 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2008-02-20 05:20:23 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:24 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2008-03-01 12:34:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:34:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:34:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:34:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:34:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:34:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:34:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:34:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:34:27 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:34:29 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:34:29 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:34:29 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:34:30 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:34:30 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:34:30 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:34:32 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:34:32 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:34:32 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:34:32 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:34:32 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:34:32 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:34:32 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:34:33 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:34:33 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:34:33 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-20 06:52:42 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:35:47 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-25 06:56:31 194,144 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2005-04-24 12:15:20 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\bf7nd7jt.dat
+ 2002-08-30 12:00:00 1,740 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcache.bin
+ 2002-08-30 12:00:00 2,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys
+ 2005-04-24 12:15:20 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\enntr3jl.dat
+ 2005-04-24 12:15:20 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\oofn7fbv.dat
+ 2005-04-24 12:15:20 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\ui2o9bnh.dat
+ 2005-04-24 12:15:22 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\w7v1731f.dat
+ 2003-12-10 20:46:13 2,573 -c--a-w C:\WINDOWS\$NtUninstallKB810217$\spuninst\spuninst.bat
+ 2003-08-06 16:54:45 2,736 -c--a-w C:\WINDOWS\$NtUninstallKB817778$\spuninst\spuninst.bat
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\updspapi.dll
+ 2007-03-08 15:33:58 1,843,712 -c----w C:\WINDOWS\$NtUninstallKB941693$\win32k.sys
+ 2006-06-26 17:41:32 148,480 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
+ 2004-08-19 23:09:22 45,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\updspapi.dll
+ 2007-06-19 13:32:25 282,112 -c----w C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\updspapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe
+ 2007-03-06 01:35:47 394,976 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\updspapi.dll
+ 2004-08-19 23:09:22 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-19 23:09:33 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-19 23:09:33 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-19 23:09:33 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-03-01 18:52:15 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-19 23:09:33 184,351 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-19 23:09:33 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-19 23:09:33 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-19 23:09:33 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-19 23:09:33 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-19 23:09:33 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-19 23:09:33 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-19 23:09:33 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-19 23:09:34 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-19 23:09:34 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-19 23:09:34 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-19 23:09:34 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2003-06-26 21:56:49 2,177 -c--a-w C:\WINDOWS\$NtUninstallQ810565$\spuninst\spuninst.bat
+ 2007-09-18 19:06:55 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
+ 2008-06-25 15:03:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-08 05:08:36 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2007-03-21 16:58:40 4,145,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0/u00021090200C0400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-03-21 16:58:46 24,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0/u00021090200C0400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2007-05-10 08:25:40 14,677,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0/u00021090200C0400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2005-01-17 18:16:23 2,238 ----a-r C:\WINDOWS\Installer\{21A127AE-2DAF-40B7-8374-34C3E629521C}\ARPPRODUCTICON.exe
+ 2004-01-02 12:09:18 2,238 ----a-r C:\WINDOWS\Installer\{5847474B-6E03-4C2F-8814-B990A1929700}\_18be6784.exe
+ 2004-01-02 12:09:18 2,238 ----a-r C:\WINDOWS\Installer\{5847474B-6E03-4C2F-8814-B990A1929700}\_2cd672ae.exe
+ 2004-01-02 12:09:18 2,238 ----a-r C:\WINDOWS\Installer\{5847474B-6E03-4C2F-8814-B990A1929700}\_4ae13d6c.exe
+ 2008-06-10 17:34:55 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
- 2008-02-14 00:14:12 167,936 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2002-01-01 02:02:43 167,936 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2002-01-01 02:02:43 2,560 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2008-02-14 00:14:12 34,304 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2002-01-01 02:02:43 34,304 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-02-14 00:14:13 8,192 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2002-01-01 02:02:43 8,192 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-02-14 00:14:13 3,584 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2002-01-01 02:02:43 3,584 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-02-14 00:14:13 114,688 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2002-01-01 02:02:43 114,688 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2008-02-14 00:14:12 16,384 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2002-01-01 02:02:43 16,384 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-02-14 00:14:12 30,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2002-01-01 02:02:43 30,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-02-14 00:14:13 22,528 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2002-01-01 02:02:43 22,528 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-02-14 00:14:12 45,056 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2002-01-01 02:02:43 45,056 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-02-14 00:14:12 90,112 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2002-01-01 02:02:43 90,112 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-03-08 18:16:15 10,134 ----a-r C:\WINDOWS\Installer\{944F0F77-F26F-4D17-A440-6DA4CBE05B71}\callmsi.exe
+ 2008-03-08 18:16:15 136,448 ----a-r C:\WINDOWS\Installer\{944F0F77-F26F-4D17-A440-6DA4CBE05B71}\egui.exe
+ 2008-05-07 21:31:26 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe
+ 2005-01-14 17:33:21 2,238 ----a-r C:\WINDOWS\Installer\{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}\ARPPRODUCTICON.exe
+ 2005-02-01 21:35:50 2,238 ----a-r C:\WINDOWS\Installer\{EE8592F6-FC2B-4AFD-B527-109D127C039F}\ARPPRODUCTICON.exe
+ 2005-04-24 12:15:20 2,678 ----a-w C:\WINDOWS\java\Packages\Data\BF7ND7JT.DAT
+ 2005-04-24 12:15:20 2,678 ----a-w C:\WINDOWS\java\Packages\Data\ENNTR3JL.DAT
+ 2005-04-24 12:15:20 2,678 ----a-w C:\WINDOWS\java\Packages\Data\OOFN7FBV.DAT
+ 2005-04-24 12:15:20 2,678 ----a-w C:\WINDOWS\java\Packages\Data\UI2O9BNH.DAT
+ 2005-04-24 12:15:22 2,678 ----a-w C:\WINDOWS\java\Packages\Data\W7V1731F.DAT
- 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
+ 2004-04-16 08:06:48 2,010 ----a-w C:\WINDOWS\Plaxo\Users\376317834\Outlook\store.dat
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2004-08-19 23:23:25 1,788 ------w C:\WINDOWS\ServicePackFiles\i386\dcache.bin
+ 2004-08-04 06:07:57 2,944 ------w C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2002-08-30 12:00:00 2,000 ----a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2002-08-30 12:00:00 2,032 ----a-w C:\WINDOWS\system\MOUSE.DRV
+ 2002-08-30 12:00:00 1,744 ----a-w C:\WINDOWS\system\SOUND.DRV
+ 2002-08-30 12:00:00 2,176 ----a-w C:\WINDOWS\system\VGA.DRV
- 2007-12-07 02:08:32 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2004-01-02 12:12:59 1,648 ----a-w C:\WINDOWS\system32\d3d8caps.dat
+ 2004-08-19 23:23:25 1,788 ----a-w C:\WINDOWS\system32\dcache.bin
- 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-25 04:50:25 554,008 -c----w C:\WINDOWS\system32\dllcache\dao360.dll
- 2006-06-26 17:41:32 148,480 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:35:05 45,568 -c----w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
- 2007-12-19 22:53:23 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-12-07 02:08:32 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-12-07 02:08:32 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-06-19 13:32:25 282,112 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:51:00 282,624 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-12-06 04:59:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-12-07 02:08:33 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2002-08-30 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
+ 2002-08-30 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2002-08-30 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
+ 2008-02-26 12:00:31 294,912 -c----w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-03-25 04:50:28 518,944 -c----w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:30 326,432 -c----w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-12-08 05:08:36 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-12-07 02:08:34 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-25 04:50:34 1,516,568 -c----w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:40 355,112 -c----w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:51:08 194,144 -c----w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:50:42 60,192 -c----w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 248,608 -c----w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:44 219,936 -c----w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:45 355,104 -c----w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2007-12-07 02:08:34 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-25 04:50:47 432,928 -c----w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 -c----w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 -c----w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:55 264,992 -c----w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2007-12-07 02:08:34 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-25 04:50:57 838,432 -c----w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:51:09 621,344 -c----w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 355,104 -c----w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2002-08-30 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-01-11 05:36:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:32 1,293,824 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:15:36 1,293,824 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2002-08-30 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
- 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-12-07 02:08:34 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2002-08-30 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
- 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-03-08 15:33:58 1,843,712 -c----w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:09:22 1,845,376 -c----w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-12-07 02:08:34 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:40 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2002-08-30 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2002-08-30 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2002-08-30 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
- 2006-06-26 17:41:32 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-19 23:09:22 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 05:35:05 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2004-08-04 06:07:57 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2008-02-20 10:01:30 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
+ 2008-02-20 10:02:22 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
+ 2008-02-20 10:11:16 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
- 2003-03-06 17:45:32 178,948 ----a-r C:\WINDOWS\system32\drivers\Fasttx2k.sys
+ 2003-08-06 08:43:04 159,744 ----a-r C:\WINDOWS\system32\drivers\Fasttx2k.sys
+ 2001-08-17 20:00:04 2,944 ----a-w C:\WINDOWS\system32\drivers\msmpu401.sys
+ 2002-08-30 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
+ 2005-08-10 12:44:04 50,688 ----a-w C:\WINDOWS\system32\drivers\sfdrv01.sys
+ 2005-05-16 13:20:39 6,656 ----a-w C:\WINDOWS\system32\drivers\sfhlp02.sys
+ 2005-11-03 14:40:07 63,488 ----a-w C:\WINDOWS\system32\drivers\sfvfs02.sys
- 2007-12-19 22:53:23 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-12-07 02:08:32 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-12-07 02:08:32 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2007-09-02 08:32:33 1,443,480 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2001-12-31 22:01:28 1,461,240 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-06-19 13:32:25 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:51:00 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2007-12-07 02:08:32 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-12-06 11:02:31 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-12-07 02:08:32 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-12-07 02:08:32 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-12-06 04:59:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-12-07 02:08:32 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-12-07 02:08:32 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-12-07 02:08:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-12-07 02:08:33 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-12-07 02:08:33 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-12-07 02:08:33 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2002-08-30 12:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2007-07-27 13:49:02 196,683 ----a-w C:\WINDOWS\system32\lnod32apiA.dll
+ 2007-07-27 13:49:02 225,355 ----a-w C:\WINDOWS\system32\lnod32apiW.dll
+ 2005-12-05 18:25:22 139,264 ----a-w C:\WINDOWS\system32\lnod32umc.dll
+ 2005-12-05 11:37:10 106,496 ----a-w C:\WINDOWS\system32\lnod32upd.dll
+ 2002-08-30 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-06-23 16:58:33 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-08-30 12:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
- 2008-02-04 23:09:46 18,214,008 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-19 23:09:33 294,400 ----a-w C:\WINDOWS\system32\msctf.dll
+ 2008-02-26 12:00:31 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-19 23:09:33 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-19 23:09:33 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2007-12-07 02:08:33 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-12-07 02:08:33 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-12-08 05:08:36 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-12-07 02:08:34 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-19 23:09:33 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-03-01 18:52:15 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-19 23:09:33 184,351 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:51:08 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-19 23:09:33 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-19 23:09:33 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-19 23:09:33 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-19 23:09:33 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2007-12-07 02:08:34 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-19 23:09:33 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-19 23:09:33 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-19 23:09:33 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-19 23:09:34 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2007-12-07 02:08:34 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-19 23:09:34 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-19 23:09:34 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:51:09 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-19 23:09:34 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2002-08-30 12:00:00 2,656 ----a-w C:\WINDOWS\system32\netware.drv
- 2007-12-07 02:08:34 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-02-11 08:39:26 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll
+ 2008-02-11 08:39:18 237,568 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll
+ 2008-02-08 12:53:46 110,592 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
+ 2007-06-13 09:10:34 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe
- 2008-03-04 12:34:16 50,532 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-04 12:17:46 50,532 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-04 12:34:16 60,864 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-06-04 12:17:46 60,864 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-03-04 12:34:16 374,064 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-04 12:17:46 374,064 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-03-04 12:34:16 438,498 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-06-04 12:17:46 438,498 ----a-w C:\WINDOWS\system32\perfh00C.dat
- 2008-01-11 05:36:55 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2003-01-24 00:45:42 114,688 ----a-r C:\WINDOWS\system32\ptipbmf.dll
+ 2003-06-20 13:06:56 118,784 ----a-r C:\WINDOWS\system32\ptipbmf.dll
- 2007-10-29 22:43:32 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:15:36 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
+ 1999-05-03 16:16:00 1,022,976 ----a-w C:\WINDOWS\system32\SierraNW.dll
+ 1999-05-03 16:16:00 231,936 ----a-w C:\WINDOWS\system32\SNWValid.dll
+ 2002-08-30 12:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
- 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-12-07 02:08:34 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-12-07 02:08:34 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2002-08-30 12:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
- 2007-12-07 02:08:34 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-03-20 08:09:22 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
- 2007-12-07 02:08:34 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2002-08-30 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2002-08-30 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
+ 2002-08-30 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
+ 2000-08-31 06:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
+ 2000-08-31 06:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-28 10:03 67128]
"Steam"="f:\program files\steam\steam.exe" [2008-03-28 18:39 1271032]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 13:06 196608]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2004-12-14 22:13 1071104]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-24 22:19 68856]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-12-05 13:30 2295072]
"H/PC Connection Agent"="G:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 02:20 1211176]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"kernel"="C:\Program Files\kernel\kernel.exe" [ ]
"Router"="C:\Program Files\Router\Router.exe" [ ]
"Dot1XCfg"="C:\Program Files\Dot1XCfg\Dot1XCfg.exe" [ ]
"nvcoi"="C:\Program Files\nvcoi\nvcoi.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-07-22 02:10 577602]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-04-04 13:38 774144]
"TCASUTIEXE"="TCAUDIAG.exe" [2003-02-13 02:55 1334784 C:\WINDOWS\system32\TCAUDIAG.EXE]
"PtiuPbmd"="ptipbm.dll" [2003-01-15 13:41 24576 C:\WINDOWS\system32\ptipbm.dll]
"aa"="rundll32.exe,ptipbmf.dll,Optimize" []
"zb"="rundll32.exe,ptipbmf.dll,SetWriteCacheMode" []
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-08-18 20:25 180269]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-04-26 07:06 29696 C:\WINDOWS\KHALMNPR.Exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 12:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 13:31 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 13:24 217088]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-01 01:19 32768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-12-31 21:32 155648]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40 155648]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 12:06 1443072]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 15:06 118784 C:\WINDOWS\system32\ptipbmf.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
"Microsoft DirectX"="PDSched.exe" []
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-01 01:19 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.xvid"= xvid.dll
"vidc.ffds"= C:\Program Files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Program Files\\Steam\\Steam.exe"=
"F:\\Program Files\\Steam\\SteamApps\\capitainetarace@hotmail.com\\counter-strike\\hl.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\softnyx\\GunBound\\GunBound.gme"=
"C:\\Program Files\\softnyx\\GunBound\\GunBound.exe"=
"G:\\UT2004\\System\\UT2004.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"G:\Program Files\Microsoft ActiveSync\rapimgr.exe"= G:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"G:\Program Files\Microsoft ActiveSync\wcescomm.exe"= G:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"G:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= G:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 12:11]
R1 NPPTNT;NPPTNT;C:\WINDOWS\system32\npptNT.sys [2003-07-22 08:14]
R1 SandBox;Outpost Firewall Sandbox Driver;C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS [2006-09-26 18:24]
R1 VFILT;Outpost Firewall Kernel Driver;C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS [2006-08-30 10:46]
R2 tcaicchg;tcaicchg;C:\WINDOWS\System32\tcaicchg.sys [2000-06-07 11:08]
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys [2001-09-05 04:22]
R3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL [2006-08-30 10:46]
R3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL [2006-08-30 10:47]
R3 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2004-10-25 22:12]
R3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL [2006-08-30 10:46]
R3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL [2006-08-30 10:46]
R3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL [2006-08-30 10:46]
R3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL [2006-08-30 10:46]
R3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL [2006-08-30 10:46]
R3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL [2006-08-30 10:46]
R3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL [2006-08-30 10:46]
R3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL [2006-08-30 10:46]
R3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL [2006-08-30 10:46]
R3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL [2006-08-30 10:47]
R3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL [2006-08-30 10:47]
S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys []
S3 ASUSHWIO;ASUSHWIO;C:\WINDOWS\System32\drivers\ASUSHWIO.sys [2000-03-29 08:17]
S3 CrystalCpuInfo;CrystalCpuInfo;K:\OCCT\CpuInfo.sys []
S3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\drivers\lccfltr.sys [2002-07-09 11:50]
S3 SOCKFILT.DLL;Outpost Firewall PlugIn (SOCKFILT.DLL);C:\PROGRA~1\Agnitum\OUTPOS~1\kernel\SOCKFILT.DLL [2006-08-30 10:47]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6af4d11-2273-11dd-9c81-000c6e33e4c0}]
\Shell\Auto\command - M:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-25 17:04:39
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
-> C:\Program Files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
G:\PROGRA~1\MICROS~1\rapimgr.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-25 17:09:26 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-25 15:09:21
ComboFix2.txt 2008-03-07 17:04:35

Pre-Run: 1,670,471,680 octets libres
Post-Run: 1,817,690,112 octets libres

692 --- E O F --- 2008-06-20 11:00:33




et voici le rapport d'hijackthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:13:23, on 25/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\TCAUDIAG.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
G:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
G:\PROGRA~1\MICROS~1\rapimgr.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [aa] rundll32.exe,ptipbmf.dll,Optimize
O4 - HKLM\..\Run: [zb] rundll32.exe,ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\
A voir également:

56 réponses

Précédent
Réponse 21 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
27 juin 2008 à 23:32
essaie avec celui la :
http://sd-1.archive-host.com/membres/up/1366464061/cfscrip.rar
@+
0
Réponse 22 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
27 juin 2008 à 23:41
Bon idem même message d'erreur a propos du nom du fichier.

je suis perplexe, l'informatique a une âme

mon pc est plus fort que moi lol
0
Réponse 23 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
27 juin 2008 à 23:50
tu va essayer en le copiant toi meme...

le truc comme tu voies les lignes sont coupées alors ca risque de ne pas le faire alors fais en sorte que dans ton bloc note les lignes ne soient pas coupées

Copie le texte ci-dessous :

Folder::
C:\Program Files\kernel
C:\Program Files\Router
C:\Program Files\nvcoi

File::
c:\WINDOWS\Prefetch\NVCOI.EXE-20D4DD60.pf

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kernel"=-
"nvcoi"=-
"Router"=-
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\App Management\ARPCache\kernel]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Uninstall\kernel]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Uninstall\kernel]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Uninstall\kernel]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Tracing\LccMe­dia\Crossbar\AdvancedTracing\Group]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\App Management\ARPCache\Router]
[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Run]
"Router"=-
"kernel"=-
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Uninstall\Router]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Uninstall\Router]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Uninstall\Router]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\App Management\ARPCache\nvcoi]
[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­ntVersion\Run]
"nvcoi"=-
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Shell­NoRoam\MUICache]


Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

@+
0
Réponse 24 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
27 juin 2008 à 23:51
j ai relancé combo sans le srcipt et il a fonctionné ( j'u cru un instant que combo était corrompu)

donc c'est le fichier qui ne fonctionne pas avec combo, pourquoi ????
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
27 juin 2008 à 23:52
regardes ma réponse au dessus
0
Réponse 26 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 00:04
cool ca à marché cette fois, vraiment le monde du pc c'est parfois de la magie


ComboFix 08-06-20.4 - olivier 2008-06-27 23:55:03.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.906 [GMT 2:00]
Endroit: C:\Documents and Settings\olivier\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\olivier\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
* Resident AV is active


[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
c:\WINDOWS\Prefetch\NVCOI.EXE-20D4DD60.pf
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\WINDOWS\Prefetch\NVCOI.EXE-20D4DD60.pf

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-27 to 2008-06-27 ))))))))))))))))))))))))))))))))))))
.

2008-06-27 22:02 . 2008-06-27 22:02 <REP> d-------- C:\WINDOWS\LastGood
2008-06-26 00:12 . 2008-06-26 01:17 <REP> d-------- C:\Documents and Settings\olivier\Application Data\FileZilla
2008-06-25 17:12 . 2008-06-25 17:12 <REP> d-------- C:\Program Files\Trend Micro
2008-06-14 21:08 . 2008-06-25 18:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-14 21:08 . 2008-06-14 21:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-11 16:50 . 2008-06-11 16:50 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-06-11 07:35 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-27 20:03 --------- d-----w C:\Program Files\EsetOnlineScanner
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 14:11 27,840 ----a-w C:\Documents and Settings\olivier\Application Data\GDIPFONTCACHEV1.DAT
2008-06-05 18:24 27,840 ----a-w C:\Documents and Settings\deborah\Application Data\GDIPFONTCACHEV1.DAT
2008-05-19 20:46 --------- d-----w C:\Program Files\MSECache
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 21:29 --------- d-----w C:\Documents and Settings\olivier\Application Data\AdobeUM
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2004-12-08 23:08 0 ----a-w C:\Documents and Settings\olivier\ut2k3mapsv3.dat
2004-12-08 23:08 0 ----a-w C:\Documents and Settings\olivier\sharedfiles.dat
2004-01-13 19:08 1,041 ----a-w C:\Program Files\INSTALL.LOG
2003-11-23 20:52 517 ----a-w C:\Program Files\STEREOSUSHI.plr
2003-11-23 20:52 32 ----a-w C:\Program Files\STEREOSUSHI.cfl
2003-11-23 20:52 0 ----a-w C:\Program Files\STEREOSUSHI.fav
2003-11-23 20:52 0 ----a-w C:\Program Files\STEREOSUSHI.chn
2003-11-23 20:52 0 ----a-w C:\Program Files\STEREOSUSHI.bud
2003-09-07 13:59 499,712 ----a-w C:\Program Files\cpuz.exe
2003-08-24 12:54 966 ----a-w C:\Program Files\cpuz-readme.txt
2003-07-09 23:45 243,223 ----a-w C:\Program Files\cd-client-3_3_1-en.exe
2003-06-09 13:41 34,451 ----a-w C:\Program Files\F55inf.EXE
2003-06-07 12:29 8,737,844 ----a-w C:\Program Files\QuickTimeInstallCache.qdat
2003-06-07 12:21 542,368 ----a-w C:\Program Files\QuickTimeInstaller.exe
2003-06-04 06:49 448,256 ----a-w C:\WINDOWS\inf\EL2K_N64.sys
2003-06-04 06:48 147,328 ----a-w C:\WINDOWS\inf\EL2K_XP.sys
2003-06-04 06:47 147,328 ----a-w C:\WINDOWS\inf\EL2K_2K.sys
2003-03-02 17:22 12,377 ----a-w C:\Program Files\cpuz.vxd
2003-03-01 15:52 4,084 ----a-w C:\Program Files\cpuz.sys
.

((((((((((((((((((((((((((((( snapshot_2008-06-25_17.08.55.85 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-25 15:03:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-27 17:15:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2007-07-27 13:49:02 196,683 ----a-w C:\WINDOWS\LastGood\system32\lnod32apiA.dll
+ 2007-07-27 13:49:02 225,355 ----a-w C:\WINDOWS\LastGood\system32\lnod32apiW.dll
+ 2005-12-05 18:25:22 139,264 ----a-w C:\WINDOWS\LastGood\system32\lnod32umc.dll
+ 2005-12-05 11:37:10 106,496 ----a-w C:\WINDOWS\LastGood\system32\lnod32upd.dll
+ 2008-02-11 08:39:26 253,952 ----a-w C:\WINDOWS\LastGood\system32\OnlineScannerDLLA.dll
+ 2008-02-11 08:39:18 237,568 ----a-w C:\WINDOWS\LastGood\system32\OnlineScannerDLLW.dll
+ 2008-02-08 12:53:46 110,592 ----a-w C:\WINDOWS\LastGood\system32\OnlineScannerLang.dll
+ 2007-06-13 09:10:34 77,824 ----a-w C:\WINDOWS\LastGood\system32\OnlineScannerUninstaller.exe
- 2008-02-08 12:53:46 110,592 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
+ 2007-08-06 11:17:40 19,456 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-28 10:03 67128]
"Steam"="f:\program files\steam\steam.exe" [2008-03-28 18:39 1271032]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 13:06 196608]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2004-12-14 22:13 1071104]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-24 22:19 68856]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-12-05 13:30 2295072]
"H/PC Connection Agent"="G:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 02:20 1211176]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-07-22 02:10 577602]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-04-04 13:38 774144]
"TCASUTIEXE"="TCAUDIAG.exe" [2003-02-13 02:55 1334784 C:\WINDOWS\system32\TCAUDIAG.EXE]
"PtiuPbmd"="ptipbm.dll" [2003-01-15 13:41 24576 C:\WINDOWS\system32\ptipbm.dll]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-04-26 07:06 29696 C:\WINDOWS\KHALMNPR.Exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 12:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 13:31 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 13:24 217088]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-01 01:19 32768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-12-31 21:32 155648]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40 155648]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 12:06 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
"Microsoft DirectX"="PDSched.exe" []
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-12-01 01:19 32768]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2003-11-14 01:26:29 110592]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-28 10:03:29 67128]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe [2004-09-05 00:38:56 573440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.xvid"= xvid.dll
"vidc.ffds"= C:\Program Files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Program Files\\Steam\\Steam.exe"=
"F:\\Program Files\\Steam\\SteamApps\\capitainetarace@hotmail.com\\counter-strike\\hl.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\softnyx\\GunBound\\GunBound.gme"=
"C:\\Program Files\\softnyx\\GunBound\\GunBound.exe"=
"G:\\UT2004\\System\\UT2004.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"G:\Program Files\Microsoft ActiveSync\rapimgr.exe"= G:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"G:\Program Files\Microsoft ActiveSync\wcescomm.exe"= G:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"G:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= G:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 12:11]
R1 NPPTNT;NPPTNT;C:\WINDOWS\system32\npptNT.sys [2003-07-22 08:14]
R1 SandBox;Outpost Firewall Sandbox Driver;C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS [2006-09-26 18:24]
R1 VFILT;Outpost Firewall Kernel Driver;C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS [2006-08-30 10:46]
R2 tcaicchg;tcaicchg;C:\WINDOWS\System32\tcaicchg.sys [2000-06-07 11:08]
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys [2001-09-05 04:22]
R3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL [2006-08-30 10:46]
R3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL [2006-08-30 10:47]
R3 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2004-10-25 22:12]
R3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL [2006-08-30 10:46]
R3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL [2006-08-30 10:46]
R3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL [2006-08-30 10:46]
R3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL [2006-08-30 10:46]
R3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL [2006-08-30 10:46]
R3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL [2006-08-30 10:46]
R3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL [2006-08-30 10:46]
R3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL [2006-08-30 10:46]
R3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL [2006-08-30 10:46]
R3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL [2006-08-30 10:47]
R3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL);C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL [2006-08-30 10:47]
S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys []
S3 ASUSHWIO;ASUSHWIO;C:\WINDOWS\System32\drivers\ASUSHWIO.sys [2000-03-29 08:17]
S3 CrystalCpuInfo;CrystalCpuInfo;K:\OCCT\CpuInfo.sys []
S3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\drivers\lccfltr.sys [2002-07-09 11:50]
S3 SOCKFILT.DLL;Outpost Firewall PlugIn (SOCKFILT.DLL);C:\PROGRA~1\Agnitum\OUTPOS~1\kernel\SOCKFILT.DLL [2006-08-30 10:47]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6af4d11-2273-11dd-9c81-000c6e33e4c0}]
\Shell\Auto\command - M:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

*Newly Created Service* - CATCHME

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-27 23:57:38
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-27 23:58:56
ComboFix-quarantined-files.txt 2008-06-27 21:58:38
ComboFix2.txt 2008-06-27 21:47:24
ComboFix3.txt 2008-06-26 21:13:15
ComboFix4.txt 2008-06-25 15:09:28
ComboFix5.txt 2008-03-07 17:04:35

Pre-Run: 4,347,645,952 octets libres
Post-Run: 4,330,995,712 octets libres

194 --- E O F --- 2008-06-20 11:00:33
0
Réponse 27 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
28 juin 2008 à 00:06
ouèp ;-)
tu avais passé le scan en ligne en faite ?
0
Réponse 28 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 00:11
bein je l'ai arrêté quand tu m'a écris que cela ne servirai pas a grand chose

je peux le relancer et aller me coucher rejoindre mon épouse et mon petit bout de choux de 3 mois

comme ca demain on aura une vu du scan en ligne

qu'en penses tu ?
0
Réponse 29 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
28 juin 2008 à 00:13
ok cours les rejoindre ;-)

fais plutôt celui la alors :

Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.

bonne fin de soirée :)

@ demain`
0
Réponse 30 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 11:31
coucou girly, une bonne nuit ca fait du bien.

j'espere que tu t'es bien repausé toi aussi .

donc voici le rapport kaspersky

je t'es sorti les lignes infectées, comme ça t'as pas a lire un fichier indigeste en format bloc note

a+

H:\install_CCleaner_.exe Infecté : Trojan.Win32.Shutdowner.lc ignoré
C:\QooBox\Quarantine\catchme2008-06-25_170103,60.zip/nvcoi.Vexe Infecté : Trojan-Downloader.Win32.Agent.ltf ignoré
C:\QooBox\Quarantine\catchme2008-06-25_170103,60.zip ZIP: infecté - 1 ignoré



KASPERSKY ON-LINE SCANNER REPORT
Saturday, June 28, 2008 11:07:38 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 28/06/2008
Enregistrements dans la base antivirus Kaspersky : 796205


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\

Statistiques de l'analyse
Total d'objets analysés 200208
Nombre de virus trouvés 2
Nombre d'objets infectés 3 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:47:35

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Charon\CACHE.NDB L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Logs\virlog.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Logs\warnlog.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0028f94985dbcf738d0a120a07f22d56_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0087ba63bab9927b711d9bcabd02d40f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00cf7ce335d844e28d3d0dddfd1a4747_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\018387762110d3c92f960018d9526863_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\019d1e5eb3ffbbfb13cd070c0a0c5971_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\021ab2eb2fddb74db9ea1c9118b5e607_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02eb8b0b0c6e52e2050527cc2c2a3057_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\04cc6eccfd4d846c34f118c18151cad2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\056adc4d952c2b7da7d51f9c429fbf82_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\05bf704a19d49a8a199d19716b4e5afb_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06fcb59b03c8e09dff52e39b677d131b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0822a2c47b371139d92d176f8924eacc_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\082ab0d5ddb020c62daee055abc14175_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\086b00a411e80e81e947bc35b10ba40a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08704dc9e9190320103c12bafa60ee2e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\088502b499f495fe1ea5b518d9783fd9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08a451b1e58037c404cb33cdb93f787d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08d1aa1f3c5d488c5cbc484344b19582_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08e295f91498550b5b526164bbc55091_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0a320c8046e866ae78085f184c356e08_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0b7b2c343064e165f25ad01b89c0d2c9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0db4a81f94d085b7f7abcabdaf32bf7a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0dd7e32eee80fb6274e943324460d23d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e3c92fd64d70436ed95ff5b27a2e055_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f1a1582afb4ae3226241fbba67e862d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f1df3b76deab0820448fb5b1c9a2ccd_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f4014d59cae0f6a7742eae657650ee3_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f541e533ba468f37b29cfdc658f9511_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\11830974976615bea36a2fddfb0c5aed_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\126720d01ec6f7ea3c4f2ce2443fa5c8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\12dcf131658af97ed00480d809c6ed87_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\133668232f19e320a7b5712538f4d295_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\13e8393fcd98521bc6e748a0f54119bf_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\143d3e30f5926247cef0839d609afe3d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\152056906b5f37f0a2127e70d776b3e7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\15c4d5f16444d9b015ef0357f794eef1_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\166029189e7b2794b0af6edd296ee5ba_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\17372c95f035ae1312ced9cc85683083_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18bec82ef25d92fa0686a101ece86d4e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18d65903f7b23b23c122f901dd6852a0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\194b5c6f12b078b3e1660c8286bebe7c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\196327938515cb7e61a25140d000b6c2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\197530b8a8a9de7e2c36387201620c88_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a15ea6a332ecb2b32a961efd15f16eb_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a6e3cc8dd99f73687a555750b03de60_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b76cb7fcf272b60ec7008fd7d2ad592_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b91ac8ed37b1118ac85c774d425352b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1bc433453ca719753bd9c169fb2dc88d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1bfb322c52062a78be1ad9bcc53b5e09_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c3f9d2d46cb4ccfd6779e807f0f26e5_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d1dbd990b546dcfbc322fcb1f7aac13_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dae4d673757eded3f6365e64b36e2b2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dcaab1eb7a0fc2156d1b469c727ecd1_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dfbd8f09b05132acae67e8684af69a9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e3cc2efc46c86ab46c751b64f351cdc_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e81f170ef2202c2eff016a9dba02fdf_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f5965c2be2b95241998c8a5bacf309f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2153dcf8a16b79df3565c088329eb47d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21cd55a4b5a0289ed013e78af3ae809e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21e9af5c45e0c25fcf33daa5b9cdbc86_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2236277d49af03b676c16457c7e638c4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\228cd605407bdbe76cbb079909a34e5d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\22d80f11657a7d9c3e5bd4b7f5dd1d2d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\23103eec8b7694e745ffd6e8af453eb2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\236d8b1797fa05bc14f1ea8a1ea50440_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\252ec6b41c9a90277d9547516c0372d4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\267ceaedb43ec1d4fcad3b69f66890f3_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\268317c8e6b09c4cbe263d601a1850d0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2684072fe509edadf40f258e8a5edcf0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26b01c346692f4fcb6b0978fcee06964_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26f189dd9bf04655f21c9914eb15a1dd_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\27023d0e116241d4badc92a83556c14b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2770589bacf0a569003a86fa1a6bf98d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\27785830da53e68cd1c759a1fb5ac08c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\27bd676c43abc114374818edd1fe6481_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28a04b4775d7908d519dda9f08fedfad_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28d7f78837727be58ca9358fa6c3e0aa_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b59a28629a1c08c49aecbf87f4d3aaf_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2c837383cf19b3817d0482bb5b2a19e6_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2cdaaec928a2160cabdf3cc84fbf5210_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d385b62830b5e026ad7f13e772441da_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d799957c740474b8bdba7392846fe46_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2de2bebcabec2cbc88b96f5c32c4e371_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2e3893d69e5812c7e11311ed7bf940d8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f3f2c3b9ac099f1ca9846fabc612f60_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f7aafe27dc969bec570b0b270a34f2f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3044121aebf6da79583fe67f5e56b418_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30510edaf95238a207a3f6b2ccd10842_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\308cba56cf97c3ec5682b1baf85ca376_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\312ca74594b990e14c064a802525619c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3199c40ef8964ffe670d938ad97596ab_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\328303958c0855527549c92bcb705089_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32b8e2c1f4a12786ff5c2481a1144691_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\33067278c6f5f16b343fce8f6c93ecbe_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\33fa09d02359ebb5dc0d9aec6b7038e8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3401f890d326c81cf02571b13f4520a4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\348a7821d4f3836110849713bf4be625_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35778671e772312fa1db2954495ec68e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35cf7a3a62da0246b2a973f8cf738e9b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35e529a4c3359e794c1d118c726af363_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3603a547990ad8654eaa12e044118fe7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\36a25ec9a5263323c0c43ba69397341e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\36c58cd98fc69ee7a5dc03836e0f0077_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3751e2df70028c207db92b740fbc3c34_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\391bffae43fb37e1586cc1ac3e52c07c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\396b52620ad915a2102f97de1852cb88_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39c453ac29668eb05491e895328e14c2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b2c4b05b1464d7ad1ea408e44f6cb59_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b3035c4863d7c39392a0f2dcc64e3e0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b4c75a9f506255ee13cfbc3932fbe84_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b9e17bf416b1b2fc71a25c179ee7a4f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3c6198fdd7c4689e1e2d8a88e1c81b40_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d1608de6f2f125f4ad9bc0bc8c66287_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e11d5c216efb5b69991bfb0a75980ea_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e2a1fbce76f9d300e9df4d1053b9623_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e8c6779e20e7273e1aed1a8fca2f882_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4020eee2abbdd66be32595ffac637d8a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\404ab833f0796746a606ec95c3401830_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\408b9546cb7a2bc73e665a3146973ed7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\410b327a78f98513297015495b3ca1e7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41c971f367b5c5e32eb9b1413e5b48b7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41cea166c83f8c1df177aa1b7c9c6819_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\420cbcb8fbe8da48405af165fabf3389_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42715ba9a6d8e6ff41dfee28bee656ff_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43cadd7796de17dfe264d9d9c90e9bd2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43f45f1967cd8c2d812b5f7d5920f912_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45a66c8c6dd2af466b2b4b63f771c275_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46314d06812d9da05312ebd9829b80c2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\471ff14fbd944e33cb368ca287ad7c27_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4818fc1d40c29217059a7ca5ee89ae73_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\48d8aecf38fb14c1ee520e91c95ff62c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49a210e139ed15a0b4e0c2f4da818212_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49a2e028464ef176235835d28941c6ec_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49bdf224b9555ae1d322bdb881a57a16_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4aa79ac2286474151d0ab02d323554de_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ae1e6f8a5927bc6f24a5ec1c7393678_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4af76c18ad1a8767fa24bfbe9688ac25_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4be43511b1a4bd95a962be49f60cef62_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4fdb634c40269c846bdf7b5c261322b0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5001c523ba75e1e988fec83080cc0898_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5044fd4eef47ec659ce1dc07797e576a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50c0f55a437f036cd1969c7579c279d0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50ea997937ad4d939baa44798b4b1d57_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51ef408ead5207460923577ac470a71e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51f2d324dd04cf6e8776760d2867fece_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\529afd6b3f383076a9f240f77b2c373c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52a98963db9480fde5b3f4451b854606_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52c16ce89312efc0d6f54b788ad0b078_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52ce11a65b1639709a270095e5fc24a7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54e9725796b18715af1f84c446ee637b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54f23494cc27adabbfa73dafa30ecea2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54f439484952b882d3faae7efcdba615_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\55148d0a413855b434c8ffb9a8045daf_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\55e3794694be210a57de0058b0238060_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\580a4343d31359d79d18a0078b975998_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5834cd6d5fa1f5cf755282a2302860ea_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5847814060a7dc534611cfc0f0b034cb_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59c336a5ce009133cd15c6d73226d669_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a06cbba1fbaaee16db01d90e1beaf83_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a7380c0ead96dd561495c3d65c05d5a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ac5988ffe262fe218612308bee46d07_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5acff4ff27436427d294d13a16ebfd18_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b21bea8934723214bbaa17f44743f1e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5bfb0530f8d4c0cfa4520a3d2f7db579_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5c5ca1985726d00376cb4c3caf9778fa_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5c681e6ba2f2a7aec63fdba69be98130_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ce66af6a6fa68dccca6960ae0e9240e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d2ab2e7218f6206cc814a73dcc43225_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5dd5eb530ef238559689396293f565ef_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ed0103874889ea6867f6ad0f1437ff8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f7890519a11c9083bbd3e97d9e1774a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5fca49854f63ef49d8c4fa8ecfc487d2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6004ecfc14e996acae2325093086c73f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6085ed55804f8597f70ba539c3c63fe9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\60ecf9e5519da89e31a87a4602d0123b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6157f397dd15a0722fcf12a2927de763_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6293d491c5957eef130b8833250c0d57_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63292a2206cfda843e94c43ac943f432_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63ca198eaa7655e633af03572b96d07e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\64bbc0bc2d4b598484a2fc7f8d378cbe_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6535aa266141ca0f4614076d8a4740e6_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6586f8fd4a595cd73e8b80bd3ed5c7cb_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\662b4c61ea42c0d65e4da4902cd54509_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\66366ad8caff25880976098f448c434f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6680dba518972f33219e715e6e937648_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\671a1cbdcfe640cafeb36e17267875cc_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\67663330237d453d714702942f45591f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6962c38f4c98f186e9ecef8038656290_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\699be4b8c0b57c126d3bc05e9401efd2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6a844065a604140baadf899a87f4cb36_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ae3f40272591ee6bface8f3ce7cb4c6_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ba2438a847c8e64091c2aef17bd3765_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6bc938a3883bd322986df5d7f3a253ac_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6c6246be0d00a5d464a55fb9544d21b3_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6c6eb67f20e8d77e7540d9b7df90225b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6c7ab72ffe1837f44780acf95a00731d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6cf17168628d8b506ae33d0678f86fb0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6d2ef57a1a817beaf62154c90a9ca0d2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6db13da4d77a8ba4ed550bf475a26ddf_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6de9a786a0e64e9749418b2c6e6e0c3e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ea3d653f960bf107c6efe088d9ecf56_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6fdfda8d8c6222061e07eb8b1765d9c8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\70293fb063b122ab4d0b4aa6093d5ce4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\711ed7ee45f45cc0cfaeadcaec82dd7b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\71857566b2271dd7afe8c229496dbc10_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72b50bcd937673b5106730734b6fa590_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\730e5d52f1f1025fdabfb73cd85ae7f4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\73357729d44651e1d4abfd1877da063a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\73c1422e566dae51e44d1bf6db5428eb_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\73ed80b4c6e6309a1283381062d72491_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\748e6c984a0352f3e3f7cbdd9740b8ee_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\74b2a70365e589bd7d9f3cea6bcc17fa_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\74cff2b8fa199428d38c3ee5e9976dd7_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\74f7d973645185d7fc05c52303e85af8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\756366c5582c1c27ebf93bc4b02548b3_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7643cdc74dcff0dafc4b1475f1c57055_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\768c3cd473aecb9182a1b984e8a9a0e6_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\772a07ec107c178ddb06121d89fa0cc3_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7757e64a1d5d087df85ab250537c27d6_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\791b13cc3101bde76534c76ebad10a9f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79b6e3fa52efd2edde16e50f62e7cbaa_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79fec5f733d807817ec8daa1ef833a49_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a1b6dc6c0a47fcbcc685f385f0f395c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a20df053640fc03f8845fcf7ee4b9ef_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7ad9f201f2976a8c42af78b93ac4c6b5_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7bae78b742ab27b0d7e717009424184b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7ce7c11e1b70cffe56712fb9107e9187_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cec5d6c3cbbc41aaeb179d49869d5a4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cfb713c1c88bbf9d31f89ba9e014f1f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7d2192f8ee495f554a31d95084983a36_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7d22d37e0a0272620b3609fe97430b37_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7d919ffbc93e19f3d46951c76486acaa_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7da5e5289750f5ef9a6b60015c360d42_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7dcf5b7639d68c628d0e15646c39df53_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e082bf769ec8c625f8ff6753def94e9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e1054bedaf8f62d02eb89a57867293e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e2c0d0a6bd68617b93239a2d2898449_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e34e82b9098cf2cfc1baee729a22228_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e542543e0229f4c9deed768f1c6c944_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e66d574bd38e1ba4fafa25f5e8491ca_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7ec30daad6beb673b0f51f59aaf4ac09_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7f740f8e98e831909e3ed19704baa8dc_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8061b86ce958ec54dd575c191f5ecbed_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\81465c0f8a372c607da47998beca7153_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\817b6824e58aebdd464e19f0416b64f3_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\838d87394a1dcc14e8985dfce74a8cf5_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\83e4296c6a91d725b1fa14fe51b8cd81_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\842e1f5c0ac27c23951a10afabd116f0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\849e5013e67bf27e30bcb89c88b900f6_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8539c7af4d8f81c68f76334387b8ed86_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85e3250237e34b58dd09d27c93ec9be2_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\862ec9c52e50bae57156af64b8b9cc55_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8703b0c6bc295fcf1352a158c6624286_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\87ce1902b33bfd764dfba38e4d69c302_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\888821109092c4635001ddced4253652_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88e3c0e031486ec3361d04ff331e07d5_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\893758f3408b304259777a01ee85c629_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\89ad1a08f8a1582c7d5c345ec7577e90_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a849e451835575057cd1f72186b637f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8ae6426cc73f6358aa1e067b1a1c632f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8aeda32de272db44edaa5494600a7300_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8b4897119c95f01a21d5d876f0c1d13d_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8bfa4b8d3b0fd2281ff9d8788a3be938_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8cac579db7f6a9e1356c66d9a499da2b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d1de74779b5abd313c4a219b424d418_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e29da1eba90f308050d67223f177537_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e3a0b991fce9afc512c688448c98eec_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8f7c6a30bc9e1d872f9d3f2d19fa7f52_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8f944ab0befb19ca3251e08f02ce66b9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\907c400b3e6d2ebe28ede832d8ef2178_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\90d52cb76cea0d327d538efb9049518b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91655eb9f113023cddf2499e9c9c36e1_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91a21037fe8d999936dc380fb4c8de63_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91ae74fbc74215835c05db9f6b2881f8_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91b1b6e6e4e4b2c56ab40a99f0de230c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91c9b5c4879affbefe369a1141959773_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\91fb2e0dfd620cfbaea1481b2f3fe01c_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\92198778ad69855636a203eb102876b9_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\921ef6bdb95b31badf3163d62532e50e_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9227614dcf3b085760f0277ad4dad044_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93205c157145d2813139699427559af0_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93578129203ddaa6512a3197ef79dc50_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9363e353391d3943290bea0c752b9cee_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\939b405a6f85b341359a92fd3ba5d586_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93b52b67bbed967b0337876862a3ab97_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93ee20cc45447505c080fe9c56685492_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93f9cbbd381c565b5374a1153e60fa00_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94038870a5ec0e70dbb1f53a1c5167b4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\943d4805b4133d0911213d9f8784eb7f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94a5dd23a544a5d09e9e3c8f980c5e7a_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94f00b3379dbaed4f714387922e2eecd_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\955ecc3d340368f71c4a1e3afec07920_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\95ab2dca119268d787c2ea5255a2ee73_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9609fa277a721e6cd9eb4a65e985c337_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9680191664768c050a1645acd4862e9f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\969244a228e84c2c5191857fe4ae4749_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97cc641128c8354b3db6ab7bcbeaa0bb_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\980327d456065933765df070ba801a86_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\981b0b1775cbf57b00fa7edba96dc146_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9824c7668546309bc2d2a63f1f68f79f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98440566c26104e431e32c8b540e0457_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98a692f9b4d41fa254be6c0d8b419e24_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\98b411ed639ae8b302f83ffba121f514_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\99038af41bef3237a40437705ce216d4_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\991e3f106ff58efeb747935e128af10b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\995db2c1ef8c60b5b2d6739098b40d4b_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\998ccd17e1ef6aec475f39e650170f3f_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\99ba11b95afa46fc879bdde0bc75a377_7a02b94d-0519-412d-85b1-90b2b613fb2f L'objet est verrouillé ignoré

C:
0
Réponse 31 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
28 juin 2008 à 12:48
Salut stereo sushi ( marrant comme pseudo ;)

oui j´ai bien dormi, merci`

bon ca a l´air ok; cependant je me demande bien ce qu´il est advenue des fichiers b152, b153 ect comme le titrait ton message ?!

post un dernier rapport hijack this

@+
0
Réponse 32 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 13:12
oui moi aussi je me demande que sont ils devenus

car je ne les ai pas inventé ces petits b....

donc 1 hijack this et je t'envois le rapport
0
Réponse 33 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 13:15
voice le rapport






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:14:07, on 28/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\TCAUDIAG.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
G:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
G:\PROGRA~1\MICROS~1\rapimgr.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "f:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - http://down.plaxo.com/down/release/PlaxoInstall.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/18d695057b660be93e18/netzip/RdxIE601_fr.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094161209406
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - https://worldofwarcraft.com/en-gb/error/410
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://www.gamespy.com
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A40ED8B3-F960-11D4-8DF3-89955D701717} (TestLABCPUContrôle) - http://users.skynet.be/sky37131/TestLABCPU_proj.ocx
O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - https://live365.com/
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://guard.gunbound.net/nProtect/keyCrypt/npkcx.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
0
Réponse 34 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
28 juin 2008 à 13:16
ils auraient du être visibles dans le rapport combofix, mais pas de trace !?
@+
0
Réponse 35 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 13:22
Donc je ne suis plus infecté par des trojans ????
0
Réponse 36 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
28 juin 2008 à 13:33
malheureusement si...

routeur et nvcoi sont de retour...

a l´aide de hijack this coche et fix :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - http://down.plaxo.com/down/release/PlaxoInstall.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/18d695057b660be93e18/netzip/RdxIE601_fr.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - https://worldofwarcraft.com/en-gb/error/410
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://www.gamespy.com
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A40ED8B3-F960-11D4-8DF3-89955D701717} (TestLABCPUContrôle) - http://users.skynet.be/sky37131/TestLABCPU_proj.ocx
O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - https://live365.com/
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://guard.gunbound.net/nProtect/keyCrypt/npkcx.cab

comment fixer :

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

puis

ta version de acrobat reader n´est pas a jour, tu veux la version 8.1 derniere en date alors desinstale ta version par le panneau de configuration / ajoue et suppression de programme

et instale la derniere :

https://get2.adobe.com/reader/otherversions/

ou oublie completement acrobat reader et instales foxit plus léger a la place:

https://www.clubic.com/telecharger-fiche13808-foxit-reader.html

et

installes :

spywareblaster :

http://www.brightfort.com/spywareblaster.html

c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"

tuto : https://www.malekal.com/tutorial-spywareblaster/

et encore :

Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton bureau

Double clique sur le OAD pour le lancer

- nom de fichier à rechercher tape ou fais un copier coller de :

b153

- Type de recherche : sélectionne l'option 6 puis valide

OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ait terminé.
Le rapport de recherche s'affichera automatiquement à l’écran dès qu'il aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain post.

Note importante : Suivant la taille des disques durs cette recherche peut prendre plusieurs minutes. Sois patient

puis

repasse combofix

donc post le rapport de oad et celui de combofix.

@+
0
Réponse 37 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
28 juin 2008 à 15:34
voila le post AOD


28/06/2008 ---- 15:18:33,21

----------------------------------
§§§§§§ [b153] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43DBAB44-8EDC-4FB0-B305-F117ECB15305}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43DBAB44-8EDC-4FB0-B305-F117ECB15305}\InprocServer32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43DBAB44-8EDC-4FB0-B305-F117ECB15305}\ProgID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43DBAB44-8EDC-4FB0-B305-F117ECB15305}\TypeLib]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43DBAB44-8EDC-4FB0-B305-F117ECB15305}\VersionIndependentProgID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\Control]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\InprocServer32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\Insertable]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\MiscStatus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\MiscStatus\1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\ProgID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\Programmable]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\ToolboxBitmap32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\TypeLib]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\TypeLib]
@="{6BF52A50-394A-11d3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\Version]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\VersionIndependentProgID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD1ABFC8-6C5E-4A8D-B90B-2A3B153B886D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD1ABFC8-6C5E-4A8D-B90B-2A3B153B886D}\InprocServer32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB15353D-9783-403B-A60A-16A80D5516AA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB15353D-9783-403B-A60A-16A80D5516AA}\InprocServer32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB15353D-9783-403B-A60A-16A80D5516AA}\ProgID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB15353D-9783-403B-A60A-16A80D5516AA}\TypeLib]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB15353D-9783-403B-A60A-16A80D5516AA}\VersionIndependentProgID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07EC23DA-EF73-4BDE-A40F-F269E0B7AFD6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0A319C7F-85F9-436C-B88E-82FD88000E1C}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E6B01D1-D407-4C85-BF5F-1C01F6150280}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0EA1DE14-E288-4958-A23C-942634A27EB5}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{10A13217-23A7-439B-B1C0-D847C79B7774}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{158A7ADC-33DA-4039-A553-BDDBBE389F5C}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{172E905D-80D9-4C2F-B7CE-2CCB771787A2}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{17E5DC63-E296-4EDE-B9CC-CF57D18ED10E}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AD13E0B-4F3A-41DF-9BE2-F9E6FE0A7875}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AF41667-542C-42EA-BF53-DC101168C503}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{21D077C1-4BAA-11D3-BD45-00C04F6EA5AE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{237DAC8E-0E32-11D3-A2E2-00C04F79F88E}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{28682B8E-9055-47A9-A179-8E0BAB1164D1}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A2E0DA3-19FA-4F82-BE18-CD7D7A3B977F}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2BD3716F-A914-49FB-8655-996D5F495498}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2D7EF888-1D3C-484A-A906-9F49D99BB344}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E922378-EE70-4CEB-BBAB-CE7CE4A04816}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3148E685-B243-423D-8341-8480D6EFF674}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{33E9291A-F6A9-11D2-9435-00A0C92A2F2D}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{350BA78B-6BC8-4113-A5F5-312056934EB6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3614C646-3B3B-4DE7-A81E-930E3F2127B3}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37327700-EF20-11D2-9431-00A0C92A2F2D}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3984E7EB-08EF-11D3-9447-00A0C92A2F2D}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{39C2F8D5-1CF2-4D5E-AE09-D73492CF9EAA}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3DF47861-7DF1-4C1F-A81B-4C26F0F7A7C6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{40897764-CEAB-47BE-AD4A-8E28537F9BBF}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{40C6BDE7-9C90-49D4-AD20-BEF81A6C5F22}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{46AD648D-53F1-4A74-92E2-2A1B68D63FD4}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4A976298-8C0D-11D3-B389-00C04F68574B}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4F2DF574-C588-11D3-9ED0-00C04FB6E937}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{504F112E-77CC-4E3C-A073-5371B31D9B36}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{50FC8D31-67AC-11D3-BD4C-00C04F6EA5AE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54062B68-052A-4C25-A39F-8B63346511D4}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54DF358E-CF38-4010-99F1-F44B0E9000E5}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56E2294F-69ED-4629-A869-AEA72C0DCC2C}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{58D507B1-2354-11D3-BD41-00C04F6EA5AE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{58D507B2-2354-11D3-BD41-00C04F6EA5AE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5A09862E-47B1-4D17-94EA-2BDE3014DD42}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5AF0BEC1-46AA-11D3-BD45-00C04F6EA5AE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5C29BBE0-F87D-4C45-AA28-A70F0230FFA9}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5D0AD945-289E-45C5-A9C6-F301F0152108}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F0248C1-62B3-42D7-B927-029119E6AD14}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F9CFD92-8CAD-11D3-9A7E-00C04F8EFB70}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{61CECF10-FC3A-11D2-A1CD-005004602752}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D9D30F-AE4C-4678-8CA8-5720F4FE4419}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{679409C0-99F7-11D3-9FB7-00105AA620BB}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B550945-018F-11D3-B14A-00C04F79FAA6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A4F-394A-11D3-B153-00C04F79FAA6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A4F-394A-11D3-B153-00C04F79FAA6}\ProxyStubClsid]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A4F-394A-11D3-B153-00C04F79FAA6}\ProxyStubClsid32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A4F-394A-11D3-B153-00C04F79FAA6}\TypeLib]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A4F-394A-11D3-B153-00C04F79FAA6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A51-394A-11D3-B153-00C04F79FAA6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A51-394A-11D3-B153-00C04F79FAA6}\ProxyStubClsid]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A51-394A-11D3-B153-00C04F79FAA6}\ProxyStubClsid32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A51-394A-11D3-B153-00C04F79FAA6}\TypeLib]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BF52A51-394A-11D3-B153-00C04F79FAA6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6C497D62-8919-413C-82DB-E935FB3EC584}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6F030D25-0890-480F-9775-1F7E40AB5B8E}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6FCAE13D-E492-4584-9C21-D2C052A2A33A}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70E1217C-C617-4CFD-BD8A-69CA2043E70B}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{72F486B1-0D43-11D3-BD3F-00C04F6EA5AE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{74C09E02-F828-11D2-A74B-00A0C905F36E}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7587C667-628F-499F-88E7-6A6F4E888464}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{769A72DB-13D2-45E2-9C48-53CA9D5B7450}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{76F13F00-6E17-4D98-BE2D-D2A84CFF5BFD}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{788C8743-E57F-439D-A468-5BC77F2E59C6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7AAA2D24-B37A-4E11-82C1-E071246463A4}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7CAD1D24-EDED-47FA-A1D8-4628FBE5638C}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{82A2986C-0293-4FD0-B279-B21B86C058BE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{82CBA86B-9F04-474B-A365-D6DD1466E541}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8363BC22-B4B4-4B19-989D-1CD765749DD1}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{87291B50-0C8E-11D3-BB2A-00A0C93CA73A}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{876E7208-0172-4EBB-B08B-2E1D30DFE44C}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{88AFB4B2-140A-44D2-91E6-4543DA467CD1}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{891EADB1-1C45-48B0-B704-49A888DA98C4}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B5050FF-E0A4-4808-B3A8-893A9E1ED894}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8BA957F5-FD8C-4791-B82D-F840401EE474}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8DA61686-4668-4A5C-AE5D-803193293DBE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9104D1AB-80C9-4FED-ABF0-2E6417A6DF14}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{94D55E95-3FAC-11D3-B155-00C04F79FAA6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{95F45AA2-ED0A-11D2-BA67-0000F80855E6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{95F45AA4-ED0A-11D2-BA67-0000F80855E6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{968F36CA-CB43-4F6A-A03B-66A9C05A93EE}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{98BB02D4-ED74-43CC-AD6A-45888F2E0DCC}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9FBB3336-6DA3-479D-B8FF-67D46E20A987}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A00918F3-A6B0-4BFB-9189-FD834C7BC5A5}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A12DCF7D-14AB-4C1B-A8CD-63909F06025B}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A1D1110E-D545-476A-9A78-AC3E4CB1E6BD}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A85C0477-714C-4A06-B9F6-7C8CA38B45DC}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A915CEA2-72DF-41E1-A576-EF0BAE5E5169}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9EFAB80-0A60-4C3F-BBD1-4558DD2A9769}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB7C88BB-143E-4EA4-ACC3-E4350B2106C3}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AC743628-971D-4C1E-B019-50543EFE2BAD}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B2C2D18E-97AF-4B6A-A56B-2FFFF470FB81}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B738FCAE-F089-45DF-AED6-034B9E7DB632}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BB17FFF7-1692-4555-918A-6AF7BFACEDD2}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC17E5B7-7561-4C18-BB90-17D485775659}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BD94DBEB-417F-4928-AA06-087D56ED9B59}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C9470E8E-3F6B-46A9-A0A9-452815C34297}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CDAC14D2-8BE4-11D3-BB48-00A0C93CA73A}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CFAB6E98-8730-11D3-B388-00C04F68574B}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D10CCDFF-472D-498C-B5FE-3630E5405E0A}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D255DFB8-C22A-42CF-B8B7-F15D7BCF65D6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D5F0F4F1-130C-11D3-B14E-00C04F79FAA6}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D84CCA96-CCE2-11D2-9ECC-0000F8085981}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D84CCA99-CCE2-11D2-9ECC-0000F8085981}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E15E9AD1-8F20-4CC4-9EC7-1A328CA86A0D}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E2CC638C-FD2C-409B-A1EA-5DDB72DC8E84}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E31E7583-32D5-491C-B611-825D032B02CF}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E41C88DD-2364-4FF7-A0F5-CA9859AF783F}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EC21B779-EDEF-462D-BBA4-AD9DDE2B29A7}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EE4C8FE2-34B2-11D3-A3BF-006097C9B344}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EF870383-83AB-4EA9-BE48-56FA4251AF10}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F118EFC7-F03A-4FB4-99C9-1C02A5C1065B}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2BF2C8F-405F-11D3-BB39-00A0C93CA73A}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F75CCEC0-C67C-475C-931E-8719870BEE7D}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F81B2A59-02BC-4003-8B2F-C124AF66FC66}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F8578BFA-CD8F-4CE1-A684-5B7E85FCA7DC}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F85E2D65-207D-48DB-84B1-915E1735DB17}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FC1880CE-83B9-43A7-A066-C44CE8C82583}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FDA937A4-EECE-4DA5-A0B6-39BF89ADE2C2}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FFFB0104-CCBB-4513-8B6B-46F5098FAB43}\TypeLib]
@="{6BF52A50-394A-11D3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.Photos.MediaPublishSubscribeInterface\CLSID]
@="{43DBAB44-8EDC-4FB0-B305-F117ECB15305}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.Photos.MediaPublishSubscribeInterface.1\CLSID]
@="{43DBAB44-8EDC-4FB0-B305-F117ECB15305}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MicrosoftEffects.CacheEffect\CLSID]
@="{FB15353D-9783-403B-A60A-16A80D5516AA}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MicrosoftEffects.CacheEffect.1\CLSID]
@="{FB15353D-9783-403B-A60A-16A80D5516AA}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6BF52A50-394A-11D3-B153-00C04F79FAA6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6BF52A50-394A-11D3-B153-00C04F79FAA6}\1.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6BF52A50-394A-11D3-B153-00C04F79FAA6}\1.0\0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6BF52A50-394A-11D3-B153-00C04F79FAA6}\1.0\0\win32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6BF52A50-394A-11D3-B153-00C04F79FAA6}\1.0\FLAGS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6BF52A50-394A-11D3-B153-00C04F79FAA6}\1.0\HELPDIR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMPlayer.OCX\CLSID]
@="{6BF52A52-394A-11d3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMPlayer.OCX.7\CLSID]
@="{6BF52A52-394A-11d3-B153-00C04F79FAA6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\FeatureComponentID]
"{6BF52A52-394A-11D3-B153-00C04F79FAA6}"="WMPLAYER"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0048F8D37B153F6EA2798C323EF4F318A5624A9E]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\150D4A76083B15348ABDCC7EEFD9D1F4]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49EED317D562B0A40A0B153FE708EE24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06678636C0BB7F4A87891967BDB153C]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}]

[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}\iexplore]

[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Classes\CLSID\{F025CE7F-0C30-1036-0223-040306110021}]
"b153"="yes"

[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003_Classes\CLSID\{F025CE7F-0C30-1036-0223-040306110021}]
"b153"="yes"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

*******************
[Fichier]
*******************



*********************
[Même date]
*********************

Aucun fichier créé à la même date détecté


Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
0
Réponse 38 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
30 juin 2008 à 18:47
salut,

excuse pour le délais...

oad voie des clées relatives aux fichiers b153...

on reviendra la dessus après

passe ceci pour le moment :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

@+
0
Réponse 39 / 56
StereoSushi Messages postés 31 Date d'inscription mercredi 25 juin 2008 Statut Membre Dernière intervention 25 février 2009
1 juil. 2008 à 00:57
Bonsoir,

pas de problem pour le délais, tous le monde à le droit à un petit week end tranquile ;-)

bon je te poste les rapports, cependant Router et nvcoi sont toujours la spy bot me les a présenter.

j'ai donc refuser la modification pro^poser mais c'est reculer pour mieux sauter je crois.



[b]SDFix: Version 1.199 [/b]
Run by olivier on 01/07/2008 at 00:29

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\olivier\Bureau\sdfix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\FTPUPD.EXE - Deleted
C:\WINDOWS\system32\TFTP3068 - Deleted
C:\WINDOWS\system32\TFTP3544 - Deleted
C:\WINDOWS\system32\TFTP3984 - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-01 00:41:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\\Program Files\\Steam\\Steam.exe"="F:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"F:\\Program Files\\Steam\\SteamApps\\capitainetarace@hotmail.com\\counter-strike\\hl.exe"="F:\\Program Files\\Steam\\SteamApps\\capitainetarace@hotmail.com\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Enabled:backWeb-7288971"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\softnyx\\GunBound\\GunBound.gme"="C:\\Program Files\\softnyx\\GunBound\\GunBound.gme:*:Enabled:GunBound"
"C:\\Program Files\\softnyx\\GunBound\\GunBound.exe"="C:\\Program Files\\softnyx\\GunBound\\GunBound.exe:*:Enabled:GunBound Startup Application"
"G:\\UT2004\\System\\UT2004.exe"="G:\\UT2004\\System\\UT2004.exe:*:Enabled:UT2004"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="G:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"G:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="G:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"G:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="G:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"G:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="G:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"G:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="G:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"G:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="G:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"G:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="G:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\olivier\Bureau\sdfix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 22 Apr 2008 625,664 A.SH. --- "C:\Program Files\Internet Explorer\iexplore.exe"
Fri 20 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Fri 20 Aug 2004 4,639 A.SH. --- "C:\Program Files\Windows Media Player\mplayer2.exe"
Fri 3 Nov 2006 64,000 A.SH. --- "C:\Program Files\Windows Media Player\wmplayer.exe"
Sat 28 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Thu 22 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4633c51c90c17af214c8eeab40b9fcf4\BIT5.tmp"
Mon 2 Jun 2008 24,064 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL0003.tmp"
Mon 2 Jun 2008 24,576 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL0249.tmp"
Mon 2 Jun 2008 24,576 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL1175.tmp"
Mon 2 Jun 2008 24,576 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL2178.tmp"
Mon 2 Jun 2008 24,064 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL2830.tmp"
Mon 2 Jun 2008 24,064 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL3721.tmp"
Mon 2 Jun 2008 24,576 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL3851.tmp"
Mon 2 Jun 2008 24,064 ...H. --- "C:\Documents and Settings\deborah\Mes documents\Administratif\Garde Josh\~WRL3961.tmp"

[b]Finished![/b]










Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:50:33, on 01/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\TCAUDIAG.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
G:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
G:\PROGRA~1\MICROS~1\rapimgr.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "f:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab -
O16 - DPF: {00000000-0000-0000-0000-000020030000} -
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} -
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} -
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} -
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} -
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {A40ED8B3-F960-11D4-8DF3-89955D701717} -
O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} -
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} -
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} -
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
0
Réponse 40 / 56
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
1 juil. 2008 à 19:59
salut,

voila ce que je te propose de faire :

Ccleaner:

-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner

-> L´installer.

-> Une fois installé et lancé :

Dans la colonne de gauche, click sur :

->"registre" :

Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

->"nettoyeur"

quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

-> Tutoriel en image :

https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :

http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

puis

fais marcher regcleaner :

telecharge et instal regcleaner:

http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html

tutorial :

https://forums.cnetfrance.fr

http://www.softastuces.com/tuto/maint/regcleaner/

ces deux logiciels devraient ésperement supprimer les clées correspondantes a b153 ect, car les fichiers n´existant plus elles vont etre vu comme des clees orphelines...

puis retente de passer combofix avec le meme script que la derniere fois; maintenant que sdfix est passé on va voir ce que cela donne....

Copie le texte ci-dessous :

Folder::
C:\Program Files\Router
C:\Program Files\nvcoi

File::
c:\WINDOWS\Prefetch\NVCOI.EXE-20D4DD60.pf

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nvcoi"=-
"Router"=-
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Tracing\LccM­e­dia\Crossbar\AdvancedTracing\Group]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curr­e­ntVersion\App Management\ARPCache\Router]
[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­­ntVersion\Run]
"Router"=-
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curr­e­ntVersion\Uninstall\Router]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curr­e­ntVersion\Uninstall\Router]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curr­e­ntVersion\Uninstall\Router]
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curr­e­ntVersion\App Management\ARPCache\nvcoi]
[HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Curre­­ntVersion\Run]
"nvcoi"=-
[-HKEY_USERS\S-1-5-21-1614895754-606747145-1417001333-1003\Software\Microsoft\Windows\Shel­l­NoRoam\MUICache]

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

ps: redemarre le pc avant de poster le nouveau rapport hijack this stp

@+
0

Discussions similaires

Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Aide pour un virus
cerise92700 -
MisteryBean -

41 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses
Virus : trojan:win32/wacatac.h!ml
Alky09 -
bazfile -

8 réponses
Comment éliminer manuellement virus trojan?
ballag -
RClog -

12 réponses